Cyber Law

Disclaimer

PLEASE READ VERY CAREFULLY THESE TERMS OF USE BEFORE READING, COMMENTING ON, DOWNLOADING, COPYING, REPRODUCING, ALTERING MATERIALS OF ANY KIND, SUBSCRIBING TO, AND LINKING TO (COLLECTIVELY “USING”) THIS BLOG. USING THIS BLOG INDICATES THAT YOU ACCEPT THESE TERMS OF USE. IF YOU DO NOT ACCEPT THESE TERMS OF USE, PLEASE DO NOT USE THIS BLOG.

IF YOU USE THIS SITE CONTENT FOR ANYTHING OTHER THAN EDUCATIONAL PURPOSES, THE OWNER OF THIS SITE IS NOT RESPONSIBLE FOR YOUR ACTIONS OR ANYTHING AS A RESULT OF YOUR ACTIONS. MISUSE COULD RESULT IN BREAKING THE LAW SO USE IT AT YOUR OWN RISK!!

This blog does not encourage, condone, or orchestrate attempts to hack into other servers or any other illegal activities.

What is Ethical hacker :An ethical hacker is a computer and network expert who tracks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them.

Translate

My List

Forum Ethical Hacking Guide

Thursday, August 4, 2011

XSS Shell is a powerful XSS backdoor which allows interactively getting control over a Cross-site Scripting (XSS) vulnerability in a web application. Demonstrates the real power and damage of Cross-site Scripting attacks.

WHAT IS XSS SHELL ?XSS Shell is powerful a XSS backdoor and zombie manager. This concept first presented by XSS-Proxy (XSS-Proxy: A tool for realtime XSS hijacking and control). Normally in XSS attacks attacker has one shot, in XSS Shell you can interactively send requests and get responses from victim, you can backdoor the page.You can steal basic auth, you can bypass IP restrictions in administration panels, you can DDoS some systems with a permanent XSS vulnerability etc. Attack possibilities are limited with ideas. Basically this tool demonstrates that you can do more with XSS.FEATURES

XSS Shell has several features to gain whole access over victim. Also you can simply add your own commands.
Most of the features can enable or disabled from configuration or can be tweaked from source code.
Features:

Configure XSS Shell for communication;
1. Open xssshell.asp
2. Set "SERVER" variable to where your XSSShell folder is located. i.e: "http://[YOURHOST]/xssshell/";
3. Be sure to check "ME", "CONNECTOR", "COMMANDS_URL" variables. If you changed filenames, folder names or some kind of different configuration you need modify them.

Now open your admin interface from your browser,
To test it, just modify "sample_victim/default.asp" source code and replace "http://attacker:81/release/xssshell.js" URL with your own XSS Shell URL. Open "sample_victim" folder in some other browser and may be upload in to some other server.

Now you should see a zombie in admin interface. Just write something into "parameters" textarea and click "alert()". You should see an alert message in victim's browser.

-------------------------
SECURITY NOTES
-------------------------
- As a hunter be careful about possible "Backfire" in getSelfHTML(). Someone can hack you back or track you by another XSS or XSS Shell attack.
- Checkout "showdata.asp" and implement your own "filter()" function to make it safer for you.

-------------------------
HOW CAN YOU EXTEND?
-------------------------
First implement it to xssshell.asp
1) Add new enum for your control
- Set a name and unique number like "CMD_GETCOOKIE"
- var CMD_SAMPLE = 78;

There are parameters and lots of helper in the code. Check out other commands for reference.
Enable debug feature to debug your new commands easily.
-------------------------
KNOWN BUGS;
-------------------------
- Keylogger is not working on IE
- Possibly not going to work for framed pages because of frame regeneration.
- Not working on Konqueror